Skip to main content

CVE details

To view the CVE details card, select the Library or Vulnerabilites (CVES) link and then select the CVE link under the What's the risk? section.

CVEDetails_EN.png

  • First Seen in Contrast provides insight into your exposure window

  • Organizational Impact displays precisely which applications and servers are affected

  • Display of CVSS, Impact Score, Exploitability Score, and EPSS severity and metrics adds a comprehensive risk assessment and helps prioritize remediation. The EPSS (Exploit Prediction Scoring System) calculation provides a probability range between 0 and 1 (0 and 100%). A higher score indicates a vulnerability likely to be exploited within 30 days.

  • Select See NVD for latest information or See in cve.org to view information about the specific CVE on the site. Note that the NVD site only provides a snapshot of information when the CVE was raised and may not be the most current description of the CVE.

Note

If NVD has not provided a CVSS score, scoring information is received from third-party sites. In this case, it will look similar to the information in the screen below:

CVE_thirdparty.png
In this section:

Calculation based on the likelihood of a vulnerability being exploited.

EPSS provides a probability range between 0 to 1 (0 and 100%). A higher score indicates a vulnerability likely will be exploited within 30 days.

The EPSS percentile is a percentage score assigned to a specific vulnerability that indicates how likely it is to be exploited compared to other vulnerabilities. For instance, a vulnerability with an EPSS percentile of 90% means it has a higher probability score than 90% of all other CVEs in the group.